<?php

/**
 * @author	barbarosalcin
 * @desc	ajax_admin_clinics
 * @package	admin
 * @version	$Id: 20110317
 */

// Start with "no error"; the handlers below set a code before jumping to `end`.
$error = '';

// Include guard: this file must be reached through a script that defined
// IN_ADMINPAGE (the constant is not defined anywhere in this file).
// NOTE(review): the guard only proves how the file was loaded. It does not
// itself check the session or the caller's role -- confirm that the including
// admin script authenticates and authorises the request before this point.
if (defined('IN_ADMINPAGE') === false) {
	$error = 'unauthorized';
	goto end;
}

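// The helpers sit behind function_exists() so that including this file more
// than once cannot raise a "cannot redeclare" fatal error.
if (!function_exists('ajax_admin_clinics_clean_value'))
{
	/**
	 * Remove line breaks from a submitted value and blank out a lone "<br />".
	 *
	 * @param string|array $value Raw request value; arrays are processed
	 *                            element-wise by str_replace()/preg_replace().
	 * @return string|array|null  Cleaned value (null if preg_replace() fails).
	 */
	function ajax_admin_clinics_clean_value($value)
	{
		// "\r\n" has to be removed before "\n": stripping "\n" first leaves a
		// stray "\r" behind and the CRLF pattern can then never match.
		$value = str_replace(array("\r\n", "\n"), '', $value);

		// A field whose entire content is "<br />" is reduced to an empty string.
		return preg_replace('%^<br />$%', '', $value);
	}
}

if (!function_exists('ajax_admin_clinics_is_reserved_name'))
{
	/**
	 * Tell whether a request key names a variable that request data must
	 * never overwrite.
	 *
	 * @param mixed $name Key taken from $_POST.
	 * @return bool       True when the key must not be imported as a variable.
	 */
	function ajax_admin_clinics_is_reserved_name($name)
	{
		static $reserved = array(
			// State this script reads from the including scope.
			'tk', 'config', 'lang', 'pagename', 'error',
			'item_table', 'item_fields', 'item_fields_additem',
			'item_fields_manitem', 'item_array',
			// The loop's own key variable, read again after the import.
			'key',
			// Engine-reserved names and superglobals.
			'this', 'GLOBALS', '_GET', '_POST', '_COOKIE', '_FILES',
			'_SERVER', '_ENV', '_REQUEST', '_SESSION',
		);

		// Strict comparison: integer keys never match a reserved name.
		return in_array($name, $reserved, true);
	}
}

// Normalise every POST field and import it as a local variable named after
// the field, so the SQL templates used further down can reference it.
//
// Importing request keys as variables lets a request choose which variable it
// writes. Without the reserved-name check a field named like one of the
// script's own variables would replace that state, including the templates
// that are later handed to eval() and the table name used in the SQL.
// NOTE(review): the list covers only names visible in this file; the
// including script may rely on more. If $item_array describes every form
// field, importing only keys present in it (plus `id`) would be a stricter
// allow-list -- TODO confirm against the caller.
// NOTE(review): imported values are NOT escaped for SQL here; only fields
// typed 'number' in $item_array are made safe by the integer cast.
foreach ( $_POST as $key => $value )
{
	$_POST[$key] = ajax_admin_clinics_clean_value($_POST[$key]);

	if (ajax_admin_clinics_is_reserved_name($key))
	{
		// Keep the cleaned value in $_POST but never let it shadow script state.
		continue;
	}

	${$key} = $_POST[$key];

	// isset() avoids an undefined-index notice for fields that have no type
	// entry in $item_array.
	if (isset($item_array[$key]) && $item_array[$key] == 'number')
	{
		${$key} = (int) ${$key};
	}
}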

// act=additem: insert a new row into $item_table and report success as JSON.
// On a failed query $error is set to 'sql' and control jumps to the `end` label.
if ($_POST['act'] == 'additem')
{

	// Creation timestamp comes from the application config, not from the request.
	$createtime = $config['time'];

	
	// Expands the $item_fields_additem template: its current text is pasted
	// into a double-quoted PHP string literal and evaluated, so every
	// `$name` placeholder in the template is replaced by the variable of that
	// name (the request fields imported by the POST loop above).
	// NOTE(review): the template text is parsed as PHP source here. This is
	// only safe if the template comes exclusively from the including script;
	// confirm that nothing populated from $_POST can assign
	// $item_fields_additem before this line.
	eval("\$item_fields_additem = \"$item_fields_additem\";");
	
	// Status is fixed to '1'; user_id is taken from the server-side session.
	// NOTE(review): the expanded field values are interpolated into the
	// statement as plain text and nothing visible in this file escapes them
	// (only 'number' fields are cast to int). Unless sql_query() or the
	// framework escapes input elsewhere, this statement is open to SQL
	// injection -- use the DB layer's escaping or prepared statements
	// (TODO confirm what $tk->db offers).
	$sql = "INSERT INTO $item_table ($item_fields,status,createtime,user_id) VALUES($item_fields_additem,'1','$createtime','{$tk->session->data['user_id']}')";
	
	if (! ($result = $tk->db->sql_query($sql)))
	{
		$error = 'sql';
		goto end;
	}
	
	// Success payload; the texts are looked up in $lang by page name and action.
	$data_json = array(
			'header' => $lang['success_header'], 
			'message' => $lang[$pagename][$_POST['act']]['success'], 
			'xhr_status' => '1');
	// Presumably tells the page renderer to emit the JSON payload -- confirm.
	$tk->page->_pv['json'] = 1;
	$tk->page->_pv['data_json'] = json_encode($data_json);
	
	// Hand control back to the including script, skipping the `end:` label.
	return;
}

// act=manitem: update the row of $item_table selected by $id and report
// success as JSON. On a failed query $error is set to 'sql' and control jumps
// to the `end` label.
if ($_POST['act'] == 'manitem')
{

	// Expands the $item_fields_manitem template: its current text is pasted
	// into a double-quoted PHP string literal and evaluated, so every
	// `$name` placeholder in the template is replaced by the variable of that
	// name (the request fields imported by the POST loop above).
	// NOTE(review): the template text is parsed as PHP source here. This is
	// only safe if the template comes exclusively from the including script;
	// confirm that nothing populated from $_POST can assign
	// $item_fields_manitem before this line.
	eval("\$item_fields_manitem = \"$item_fields_manitem\";");
	
	// $id is not assigned anywhere else in this file; presumably it is the
	// `id` request field imported by the POST loop (cast to int only when
	// $item_array['id'] is 'number') -- confirm.
	// NOTE(review): both the SET list and $id are interpolated as plain text
	// and nothing visible in this file escapes them. Unless the framework
	// escapes input elsewhere, the statement is open to SQL injection and the
	// WHERE clause can be widened to other rows -- validate $id as an integer
	// and use the DB layer's escaping or prepared statements (TODO confirm
	// what $tk->db offers).
	$sql = "UPDATE $item_table set $item_fields_manitem WHERE id='$id'";
	
	if (! ($result = $tk->db->sql_query($sql)))
	{
		$error = 'sql';
		goto end;
	}
	
	// Success payload; the texts are looked up in $lang by page name and action.
	$data_json = array(
			'header' => $lang['success_header'], 
			'message' => $lang[$pagename][$_POST['act']]['success'], 
			'xhr_status' => '1');
	// Presumably tells the page renderer to emit the JSON payload -- confirm.
	$tk->page->_pv['json'] = 1;
	$tk->page->_pv['data_json'] = json_encode($data_json);
	
	// Hand control back to the including script, skipping the `end:` label.
	return;
}

end: